diff options
| author | thakis <thakis@chromium.org> | 2015-07-16 15:13:24 -0700 |
|---|---|---|
| committer | Commit bot <commit-bot@chromium.org> | 2015-07-16 22:13:54 +0000 |
| commit | 124f117e5e137d5bedfb0e7e5b9055a4a995fc8c (patch) | |
| tree | 85668ba5b6aa881f8d2e3e2ff23601994f5260ed /sandbox/win/src/sandbox_policy_base.cc | |
| parent | 01fffaa3e501bf7e6f1497e27fd81e035482cec1 (diff) | |
| download | chromium_src-124f117e5e137d5bedfb0e7e5b9055a4a995fc8c.zip chromium_src-124f117e5e137d5bedfb0e7e5b9055a4a995fc8c.tar.gz chromium_src-124f117e5e137d5bedfb0e7e5b9055a4a995fc8c.tar.bz2 | |
Revert of Sandbox: Make CreateRestrictedToken return a ScopedHandle. (patchset #2 id:20001 of https://codereview.chromium.org/1232963002/)
Reason for revert:
Broke a bot: http://build.chromium.org/p/chromium.win/builders/Win%20x64%20Builder%20%28dbg%29/builds/10671
Original issue's description:
> Sandbox: Make CreateRestrictedToken return a ScopedHandle.
>
> Removes raw handles from the API.
>
> BUG=426577
>
> Committed: https://crrev.com/9808175ad322e8387366cdec088e65ccb934ceac
> Cr-Commit-Position: refs/heads/master@{#339130}
TBR=wfh@chromium.org,rvargas@chromium.org
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=426577
Review URL: https://codereview.chromium.org/1240793004
Cr-Commit-Position: refs/heads/master@{#339140}
Diffstat (limited to 'sandbox/win/src/sandbox_policy_base.cc')
| -rw-r--r-- | sandbox/win/src/sandbox_policy_base.cc | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/sandbox/win/src/sandbox_policy_base.cc b/sandbox/win/src/sandbox_policy_base.cc index 12f72d5..fcc4a7c 100644 --- a/sandbox/win/src/sandbox_policy_base.cc +++ b/sandbox/win/src/sandbox_policy_base.cc @@ -550,11 +550,14 @@ ResultCode PolicyBase::MakeTokens(base::win::ScopedHandle* initial, // Create the 'naked' token. This will be the permanent token associated // with the process and therefore with any thread that is not impersonating. - DWORD result = CreateRestrictedToken(lockdown_level_, integrity_level_, - PRIMARY, lockdown); + HANDLE temp_handle; + DWORD result = CreateRestrictedToken(&temp_handle, lockdown_level_, + integrity_level_, PRIMARY); if (ERROR_SUCCESS != result) return SBOX_ERROR_GENERIC; + lockdown->Set(temp_handle); + // If we're launching on the alternate desktop we need to make sure the // integrity label on the object is no higher than the sandboxed process's // integrity level. So, we lower the label on the desktop process if it's @@ -619,11 +622,12 @@ ResultCode PolicyBase::MakeTokens(base::win::ScopedHandle* initial, // Create the 'better' token. We use this token as the one that the main // thread uses when booting up the process. It should contain most of // what we need (before reaching main( )) - result = CreateRestrictedToken(initial_level_, integrity_level_, - IMPERSONATION, initial); + result = CreateRestrictedToken(&temp_handle, initial_level_, + integrity_level_, IMPERSONATION); if (ERROR_SUCCESS != result) return SBOX_ERROR_GENERIC; + initial->Set(temp_handle); return SBOX_ALL_OK; } |